CVE-2025-51628 | THREATINT

Description

Insecure Direct Object Reference (IDOR) vulnerability in PdfHandler component in Agenzia Impresa Eccobook v2.81.1 and below allows unauthenticated attackers to read confidential documents via the DocumentoId parameter.

PUBLISHED Reserved 2025-06-16 | Published 2025-08-05 | Updated 2025-08-05 | Assigner mitre

References

github.com/...blob/main/CVE PoC/CVE-2025-51628 | Eccobook.md exploit

eccobook.com

agenzia.com

github.com/...blob/main/CVE PoC/CVE-2025-51628 | Eccobook.md

cve.org (CVE-2025-51628)

nvd.nist.gov (CVE-2025-51628)

Download JSON